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Novell iFolder Administration Guide 


Novell iFolder Administration Guide 


Novell® iFolder™ 1.0 is a file storage and management solution to the 
universal problems associated with storing and retrieving data. With iFolder 
you have the latest version of your data when you need it and where you need 
it from any computer that you regularly use. And if you are not at a computer 
that you regularly use, you can still access and manage your files if you have 
an Internet connection and a Java-enabled browser. 


Documentation Conventions 


In this documentation, a greater-than symbol (>) is used to separate actions 
within a step and items in a cross-reference path. 


Also, a trademark symbol (= TM, etc.) denotes a Novell trademark. An asterisk 
(*) denotes a third-party trademark. 
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Welcome to Novell iFolder 


Novell® iFolder™ gives you automatic, secure, and transparent 
synchronization of files between your hard drive and the iFolder server, which 
results in easy access to personal files anywhere, anytime. 


Being able to access your files from any computer from any location 
eliminates the editing mistakes and menial updating tasks that frequently 
occur when your local machine is not accessible from different access points. 


The following figure illustrates how the iFolder server is accessed from 
different computers or locations. 
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What Is Novell 


iFolder? 


There are three components to Novell iFolder: 


+ 


iFolder client software 


Novell iFolder is compatible with Windows* 95, 98, 2000, NT, and ME 
workstations. 


The iFolder client must be installed on every workstation that you will use 
to access your iFolder files. Once the iFolder client is installed, it places 
a shortcut on your desktop to your iFolder directory, located in 
My_Documents\iFolder\userid\Home, and it also installs the ¡Folder icon 
in the system tray. 


The iFolder icon looks like this: 


ää 


The iFolder directory, located on your computer's hard drive, is where 
you will keep your files. Once a file is placed in the iFolder directory and 
synchronized out to the iFolder server, you can see it from all 
workstations that you are logged in to that have the iFolder client 
installed. Applications associated with the files in the iFolder directory 
must be installed at the local workstation. For example, if you have a 
Microsoft* Word document in your iFolder directory, you need to have 
the application installed on your workstation in order to access that file. 
Any changes that are made in this directory, from any workstation, are 
uploaded to the iFolder server. The freguency of the uploading can be 
determined by either the user or the network administrator. 


When you right-click the iFolder icon located in the system tray, you get 
a menu giving you access to your iFolder preferences and an activity 
status screen displaying what transactions are taking place between the 
client workstation and the iFolder server. The activity screen can also be 
accessed by double-clicking the iFolder icon. If the iFolder client is in the 
process of downloading files from the iFolder server to your computer, 
the icon will look like a folder with a blinking down-arrow. 


When you log in, iFolder asks you for a username and a password. Next, 
iFolder prompts you for a pass phrase. This pass phrase is used to encrypt 
files that are uploaded or downloaded to the server. 


10 NovelliFolder Administration Guide 


+ ¡Folder server software 


¡Folder runs on NetWare” 5.1, NetWare 6, Windows NT* 4.0, and 
Windows 2000 servers. 


Once you have installed the ¡Folder server software on your server, you 
can access the Server Management Console and the default ¡Folder Web 
site. 


From the Server Management Console, you can perform administrative 
tasks for all your ¡Folder user accounts. From the ¡Folder Web site, your 
¡Folder users will download the ¡Folder client software. It is also where 
you can access the Java* applet and view your ¡Folder files from a 
browser. The ¡Folder Web site is meant to be customized to fit your 
company’s look, feel, and business needs. 


+ ¡Folder Java applet 


The ¡Folder Java applet runs in Internet Explorer or Netscape'. From the 
browser, you can access your ¡Folder files from a computer that does not 
have the ¡Folder client installed. 


These three pieces work together seemlessly to provide you with instant 
access to any ¡Folder files stored on your hard drive from anywhere in the 
world. 


If you are installing Novell ¡Folder on NetWare 5.1, follow the instructions in 
Chapter 2, “Installing Novell ¡Folder on NetWare 5.1,” on page 13. 


If you are installing Novell ¡Folder on NetWare 6, follow the instructions in 
Chapter 3, “Installing Novell ¡Folder on NetWare 6,” on page 19. 


If you are installing Novell iFolder on Windows NT 4.0 or Windows 2000, 
follow the instructions in Chapter 4, “Installing Novell iFolder on Windows 
NT 4.0 or Windows 2000,” on page 25. 


If you are installing Novell iFolder on Novell Cluster Services, follow the 
instructions in Chapter 5, “Installing Novell iFolder on Novell Cluster 
Services,” on page 33. 
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Installing Novell iFolder on NetWare 
5.1 


Before you begin the iFolder™ installation, make sure that you have met the 
following iFolder server, client, and browser requirements. 


Server Reguirements 


O NetWare 5.1 server with Support Pack 3 installed. 


NetWare Support Packs are available at the Consolidated Support Pack 
Home Page (http://support.novell.com/csp/csplist.html). 


An LDAP v3 enabled directory, such as NDs® eDirectory™ 8.5. (Other 
LDAP v3 compliant directories will also work.) 


If you are using the same server for LDAP and iFolder, you must install 
NDS eDirectory 8.5 or later on your server. 


10 MB of free space on the SYS: volume where you plan to install 
iFolder. 


256 MB of RAM. 


If your LDAP server is not the same server as your iFolder server, and you 
want LDAP over SSL, copy the trusted root certificate (usually called 
ROOTCERT.DER) from your LDAP server to the SYS:Public directory 
of your iFolder server. (Remember where you copied this because you 
will be prompted for its location during the iFolder installation.) 


If you have a DNS name configured for your iFolder server, verify that 
the DNS name and its corresponding IP address are in the 
SYS:ETC\HOSTS file of your iFolder server. 
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Client Workstation Requirements 


Novell® ¡Folder is compatible with Windows 95, 98, 2000, NT, and ME 
workstations. The iFolder client is very small and will take only about 2 MB 
of free space on your workstation. 


IMPORTANT: If you are installing the iFolder client on a Windows 95 workstation, 
you must have the Winsock 2 update from Microsoft installed. This update can be 
downloaded from the Microsoft Web site (http://www.microsoft.com/Windows95/ 
downloads/contents/WUAdminTools/S_WUNetworkingTools/W95Sockets2/ 
Default.asp). 


Browser Reguirements 


You can use either Netscape 4.7 or later or Internet Explorer 5 or 5.5 to 
download the iFolder client. Netscape 6 is not supported with this release. 


IMPORTANT: Although you can use either Netscape or Internet Explorer (IE) to 
download the iFolder client, IE 5 or 5.5 must be installed on every workstation 
where you plan to install the iFolder client. 


Installing Novell iFolder on NetWare 5.1 


Novell iFolder uses the Apache Web server version 1.3.20. Apache uses port 
80, which happens to be the same port that NetWare Enterprise Web server 
(the default NetWare Web server) uses. In order to run the Apache Web server, 
you must unload the NetWare Enterprise Web server before you can install 
iFolder. If you want to run both the Apache Web server and the NetWare 
Enterprise Web server, you must set the secondary IP address prior to the 
iFolder installation and assign either the Apache or Enterprise Web server to 
that secondary IP address. 


1 On your workstation, map a Novell drive to the SYS: volume on the 
server where you plan to install iFolder and Apache. 


IMPORTANT: Apache must be installed on the SYS: volume. 


2 Locate the iFolder software that you downloaded and double-click the 
iFolder Apache server executable (ApacheiFolderServer.EXE) for 
NetWare. 


3 Read the Welcome screen and click Next. 


4 Click Yes to accept the licensing agreement. 
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5 Enter your username and the name of your company, and then click Next. 


6 Browse to the drive letter that you mapped in Step 1 and then click Next. 
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HINT: In order to install Novell iFolder on multiple servers from the same 
workstation, you must delete the directory that represents your last installation. To 
do this, go to C:\Program FilesUnstallshield Installation Information. If there are 
multiple directories, look at the their creation timestamps and delete the one that 
was created at the time that you performed your last installation. After you delete 
this directory, you should be able to install Novell iFolder on another server from 
the same workstation. 


(Conditional) If Apache is already installed on your server, choose one of 
the following options and then click Next: 


+ Overwrite the existing Apache installation on your server and install 
Apache and iFolder. 


+ Leave the existing Apache installation on your server and install only 
iFolder. 


+ Exit the install. 


(Conditional) If you chose to overwrite an existing Apache installation, 
or if Apache was not previously installed on your server, enter the DNS 
name of the server, the IP address of the server, your e-mail address, and 
then click Next. 


Enter the IP address of your LDAP server in the LDAP Host field. 
Enter the LDAP port you want to use. 


If you are using port 389, the LDAP Group object must be marked to 
Allow Clear Text Passwords. To verify this, launch ConsoleOne™ and 
locate the context where your server resides, right-click the LDAP Group 
object, click Properties, and check Allow Clear Text Passwords. 


HINT: Choose port 389 if you want to use LDAP without SSL encryption or if your 
LDAP server does not support SSL. Port 389 is also a good choice if iFolder and 
LDAP are running on the same server (no communication or data is being 
transferred across the wire, so no encryption is necessary). 


Choose port 636 if you want to use SSL, which provides your network with 
encryption and security when data is transferred across the wire. If you choose port 
636, make sure you have copied the ROOTCERT.DER file from your LDAP 
server’s SYS:PUBLIC directory to your iFolder server prior to the iFolder 
installation. 


(Conditional) If you have chosen port 636, enter the path to the LDAP 
trusted root certificate. 
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This will be the path to the SYS:Public directory where you copied the 
ROOTCERT.DER prior to the installation. For more information, see 
“Server Requirements” on page 13. 


12 Enter the LDAP login DN context. 
This is the context of the container where your User objects are located. 


iFolder allows you to enter multiple contexts. After each context, insert a 
semicolon. Do not put any spaces between the contexts. 


13 (Optional) If you want ¡Folder to search all subcontainers below the 
specified LDAP login DN context, make sure you check the Subcontainer 
Search check box. 


14 (Conditional) If you checked the Subcontainer Search check box, you 
must do one of the following: 


+ Assign the CN property to the Public object. 


To assign the CN property to the Public object, continue with the next 
step. 


+ Create an LDAP proxy user. 


To create an LDAP proxy user, follow the instructions in Step 16 on 
page 17. 


15 (Conditional) Assign the CN property to the Public object. 


IMPORTANT: Any rights assigned to the Public object are automatically inherited 
by all other objects in the NDS tree. You might not want to assign the CN property 
to the Public object if these rights will cause a security risk. If your ¡Folder server 
is outside the firewall and you do not want the CN property assigned to all objects 
in your NDS tree, you can also use an LDAP Proxy Username to search the 
subcontainers of your tree. 


15a Launch ConsoleOne. 
15b Right-click your NDS Tree object and then click Properties. 
15c Click NDS Rights > Public object > Assigned Rights > Add Property. 


15d Check the Show All Properties check box, select the CN property 
from the list, and then click OK. 


15e Check the Inheritable check box and then click Apply > OK. 
Continue with Step 17. 
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16 (Conditional) Create an LDAP proxv user. 
16a Launch ConsoleOne. 
16b Create a user without a password. 


16c Right-click your NDS tree object and then click Properties > NDS 
Rights > Add Trustee. 


16d Browse to your NetWare server, select the User object you just 
created and then click Apply > OK. 


HINT: When you add this user as a trustee of the tree, just accept the default 
Compare and Read rights. 


16e Right-click the LDAP Group object in your NDS tree and then click 
Properties > General. 


16f Click the Browse button next to the Proxy Username field and 
browse to the user that you just gave trustee rights to. 


16g Double-click the user so that the name appears in the Proxy 
Username field. 


16h Click Apply > OK. 
17 Click Next in the iFolder setup. 


18 (Conditional) If you are using a secondary LDAP server, enter the LDAP 
information for that server. 


Fill in this information only if you have two LDAP directories that 
contain usernames that need iFolder accounts. For example, suppose you 
have one LDAP directory that contains all your employee usernames and 
another LDAP directory that contains all your vendor usernames and you 
want the users from both directories to have iFolder accounts. You would 
enter the information for a secondary LDAP server. 


19 Enter the path to the directory where you want the ¡Folder user data to be 
stored on the server. 


20 Fnter the names of all the administrators who need rights to modify 
iFolder user account information via the Server Management Console 
and then click Next. 


HINT: The Admin names must have user accounts in your LDAP directory. 


If you are entering more than one name, separate the usernames with a 
semicolon, not spaces. For example, if you wanted users jsmith and 
admin to have rights to administer the Server Management Console, you 
would enter admin; jsmith. 
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21 Ifprompted, enter the IP address or the DNS name of your server and then 
click Next. 


22 Click Finish to complete the installation. 
23 Do one of the following: 


+ Ifyou are using only one IP address, to start Novell ¡Folder you can 
reboot your server (this will run the edited AUTOEXEC.NCF) or 
enter the following commands at the server console: 


search add sys:lApache 
search add sys: \Apache\iFolder\Server 
STARTIFOLDER 


+ Ifyou are using two IP addresses, edit the AUTOEXEC.NCF file and 
enter the following lines after the search add 
sys: \Apache\iFolder\Server command line: 


set command line prompt default choice=on 
set command line prompt time out=60 
Also enter ? in front of the STARTIFOLDER command line. 


Once you have edited the AUTOEXEC.NCF, to start Novell iFolder 
you can reboot your server (this will run the edited 
AUTOEXEC.NCF) or enter the following commands at the server 
console: 


search add sys: \Apache 
search add sys: \Apache\iFolder\Server 


STARTIFOLDER 


Novell iFolder is now installed on your NetWare 5.1 server. To learn more 
about Novell iFolder, go to Chapter 6, “Using Novell iFolder,” on page 37. 
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Installing Novell iFolder on NetWare 6 


Before you begin the iFolder™ installation, make sure that you have met the 
following iFolder server, client, and browser requirements. 


Server Reguirements 


U 10 MB of free space on the SYS: volume where you plan to install 
iFolder. 


Client Workstation Reguirements 


Novell® ¡Folder is compatible with Windows 95, 98, 2000, NT, and ME 
workstations. The iFolder client is very small and will take only about 2 MB 
of free space on your workstation. 


IMPORTANT: If you are installing the ¡Folder client on a Windows 95 workstation, 
you must have the Winsock 2 update from Microsoft installed. This update can be 
downloaded from the Microsoft Web site (http://www.microsoft.com/Windows95/ 
downloads/contents/WUAdminTools/S WUNetworkingTools/W95Sockets2/ 
Default.asp). 


Browser Reguirements 


You can use either Netscape 4.7 or later or Internet Explorer 5 or 5.5 to 
download the iFolder client. Netscape 6 is not supported with this release. 


IMPORTANT: Although you can use either Netscape or Internet Explorer (IE) to 
download the iFolder client, IE 5 or 5.5 must be installed on every workstation 
where you plan to install the iFolder client. 
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Installing Novell iFolder on NetWare 6 


1 Doa Custom install of NetWare 6. 


For instructions on installing NetWare 6, see the NetWare 6 Overview and 
Installation Guide. 


During the NetWare 6 installation, select iFolder as one of the products 
that you want to install. 


(Conditional) If prompted, resolve port conflicts or assign secondary IP 
addresses. 


If you are installing ¡Folder with no other Web products, you will not see 
this screen. 


When prompted, enter the following information: 
+ User data 


Enter the path to the directory where you want the iFolder user data 
to be stored on the iFolder server. 


* Admin names 


Enter the names of all the administrators who need rights to modify 
iFolder user account information via the Server Management 
Console. 


HINT: The Admin names must have user accounts in your LDAP directory. 


If you are entering more than one name, separate the usernames with 
a semicolon, not spaces. For example, if you wanted users jsmith and 
admin to have rights to administer the Server Management Console, 
you would enter admin; jsmith. 


+ Network domain 
Enter the IP address or the DNS name of your server. 
+ Admin's e-mail addresses 


At this point, if you do not want to configure any LDAP settings, you can 
finish the NetWare 6 installation. No post-installation tasks are reguired. 


To learn more about ¡Folder once it is installed, see Chapter 6, “Using 
Novell iFolder,” on page 37. 


If you would like to configure your LDAP settings, continue with Step 6. 
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6 (Optional) Continue with the NetWare 6 installation until you get to the 
Summary screen at the end of the NetWare 6 installation. 


The Summary screen lists all the products that you have selected to install 
with NetWare 6. 


7 Atthe Summary screen, click NetWare 6 > ¡Folder > Configure > Primary 
LDAP Settings. 


8 Enter the following LDAP information for your primary LDAP server: 


+ 


LDAP Host 
Enter the IP address of your LDAP server in the LDAP Host field. 


IMPORTANT: If you change your IP address here and your LDAP server is 
configured with SSL encryption, there will be some post-installation 
configuration reguired after the NetWare 6 installation. For more information, 
see "LDAP over SSL” on page 24. 


LDAP Port 
Enter the LDAP port you want to use. 


If you are using port 389, the LDAP Group object must be marked to 
Allow Clear Text Passwords. For more information, see “Port 389 
and Clear Text Passwords” on page 24. 


HINT: Choose port 389 if you want to use LDAP without SSL encryption or if 
your LDAP server does not support SSL. Port 389 is also a good choice if 
iFolder and LDAP are running on the same server (no communication or data 
is being transferred across the wire, so no encryption is necessary). 


Choose port 636 if you want to use SSL, which provides your network with 
encryption and security when data is transferred across the wire. If you 
choose port 636, there will be some post-configuration reguired after the 
NetWare 6 installation. For more information, see “LDAP over SSL” on page 
24. 


LDAP Login DN Context 


This is the context of the container where your User objects are 
located. iFolder allows you to enter multiple contexts. After each 
context, insert a semicolon. Do not put any spaces between the 
contexts. 


Subcontainer Search 


If you want iFolder to search all subcontainers below the specified 
LDAP login DN context, check this option. 


IMPORTANT: If you selected to do subcontainer searches, there will be 
some post-installation configuration reguired after the NetWare 6 installation. 
For more information, see 'Subcontainer Searches” on page 22. 
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9 (Conditional) If you have a secondary LDAP server, click Secondary 
LDAP Settings. 


10 Enter the settings for the secondary LDAP server. 


Fill in this information only if you have two LDAP directories that 
contain usernames that need iFolder accounts. For example, suppose you 
have one LDAP directory that contains all your employee usernames and 
another LDAP directory that contains all your vendor usernames and you 
want the users from both directories to have iFolder accounts. You would 
enter the information for a secondary LDAP server. 


HINT: You will fill in the same information for the secondary LDAP server as you 
did for your primary LDAP server. To review the primary LDAP server instructions, 
see Step 8 on page 21. 


11 Finish the NetWare 6 installation and then reboot your server. 


12 (Conditional) If you have a DNS name configured for your iFolder server, 
verify that the DNS name and its corresponding IP address are in the 
SYS:ETC\HOSTS file of your ¡Folder server. 


If you chose to do subcontainer searches, port 389, or if you want LDAP over 
SSL, continue with the next section, Post-Installation Tasks. 


IMPORTANT: These post-installation tasks are not optional. If you disreguard 
them, iFolder will not function properly. 


If your iFolder selections do not reguire post-installation tasks, see Chapter 6, 
*Using Novell iFolder,” on page 37 to learn more about Novell iFolder. 


Post-Installation Tasks 


Complete the appropriate post-installation tasks. 


Subcontainer Searches 
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To allow iFolder to do a subcontainer search, you must do one of the 
following: 


+ Assign the CN property to the Public object 
+ Create an LDAP proxy user 
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Assign the CN Propertv to the Public Object 


IMPORTANT: Any rights assigned to the Public object are automatically inherited 
by all other objects in the Novell? eDirectory™ tree. You might not want to assign 
the CN property to the Public objectif these rights will cause a security risk. If your 
iFolder server is outside the firewall and you do not want the CN property assigned 
to all objects in your eDirectory tree, you can also use an LDAP Proxy Username 
to search the subcontainers of your tree. 


1 Launch ConsoleOne'M. 
2 Right-click your Tree object and then click Properties. 
3 Click NDS Rights > Public object > Assigned Rights > Add Property. 


4 Check the Show All Properties check box, select the CN property from 
the list, and then click OK. 


5 Check the Inheritable check box and then click Apply > OK. 


Novell iFolder is now installed and running on your NetWare 6 server. To 
learn more about Novell iFolder, go to Chapter 6, *Using Novell iFolder,” on 
page 37. 
Create an LDAP Proxy User 

1 Launch ConsoleOne. 


2 Create a user without a password. 


3 Right-click your Tree object and then click Properties > NDS Rights > 
Add Trustee. 


4 Browse to your NetWare server, select the User object you just created 
and then click Apply > OK. 


HINT: When you add this user as a trustee of the Tree object, just accept the 
default Compare and Read rights. 


5 Right-click the LDAP Group object and then click Properties > General. 


6 Click the Browse button next to the Proxy Username field and browse to 
the user that you just gave trustee rights to. 


7 Double-click the user so that the name appears in the Proxy Username 
field. 


8 Click Apply > OK. 


Novell iFolder is now installed and running on your NetWare 6 server. To 
learn more about Novell iFolder, go to Chapter 6, “Using Novell iFolder,” on 
page 37. 
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LDAP over SSL 


If vour LDAP server is not the same server as vour iFolder server, and vou 
want LDAP over SSL, vou need to export vour LDAP server's trusted root 
certificate and then copy it to your iFolder server. 


This certificate (ROOTCERT.DER) should be located in your LDAP server's 
SVS:PUBLIC directorv. Copv the trusted root certificate to the 
SYS:Apache\iFolder\Server directory on your ¡Folder server. 


For instructions on exporting a trusted root certificate, see the Novell 
Certificate Server Administration Guide (http://www.novell.com/ 
documentation/lg/crt221ad/index.html) > Managing Novell Certificate Server 
> Exporting a Trusted Root or Public Key Certificate. 


Port 389 and Clear Text Passwords 
1 Launch ConsoleOne and locate the context where your server resides. 


2 Right-click the LDAP Group object and then click Properties > Allow 
Clear Text Passwords. 
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Installing Novell iFolder on Windows 
NT 4.0 or Windows 2000 


Before you begin the iFolder™ installation, make sure that you have met the 
following iFolder server, client, and browser requirements. 


Server Reguirements 


A A Windows NT 4.0 server with Service Pack 6A or later installed or a 
Windows 2000 server with Service Pack 1 installed. 


Microsoft Service Packs are available at the Microsoft Web site (http:// 
updates.zdnet.com/products/pr 13616.htm). 


A IIS 4 or later installed. 


A An LDAP v3 enabled directory, such as NDSĊ eDirectory" 8.5. (Other 
LDAP v3 compliant directories will also work.) 


O 256 MB of RAM. 





U If you want to have LDAP over SSL encryption when the iFolder server 
communicates with the LDAP server: 


+ For NetWare, go to the SYS:PUBLIC directory of your LDAP server 
and copy the LDAP Root Certificate, ROOTCERT.DER, to your 
iFolder server. 


+ For other operating systems, export the LDAP server’s root 
certificate and then copy it to your iFolder server. 


O Getan SSL certificate and install it onto your iFolder server. 
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You can do this in either of two ways: 1) If you have your own certificate 
server, such as Novell Certificate Server, then you can get a certificate 
from your server, or 2) You can go to a certificate vendor, such as Entrust* 
or VeriSign*, and purchase a certificate from them. 


For more information on installing and creating SSL certificates for IIS 4, 
go to the Microsoft Product Support Services Web site (http:// 
support.microsoft.com/support/kb/articles/Q228/9/91.ASP). 


For information on SSL certificates for IIS 5, go to the Microsoft Product 
Support Services Web site (http://support.microsoft.com/support/kb/ 
articles/Q228/8/36.ASP). 


Client Workstation Requirements 


Novell® ¡Folder is compatible with Windows 95, 98, 2000, NT, and ME 
workstations. The iFolder client is very small and will take only about 2 MB 
of free space on your workstation. 


IMPORTANT: If you are installing on a Windows 95 workstation, you must have 
the Winsock 2 update from Microsoft installed. This update can be downloaded 
from the Microsoft Web site (http://www.microsoft.com/Windows95/downloads/ 
contents/WUAdminTools/S_WUNetworkingTools/W95Sockets2/Default.asp). 


Browser Requirements 


You can use either Netscape 4.7 or later or Internet Explorer 5 or 5.5 to 
download the iFolder client. Netscape 6 is not supported with this release. 


IMPORTANT: Although you can use either Netscape or Internet Explorer (IE) to 
download the iFolder client, IE 5 or 5.5 must be installed on every workstation 
where you plan to install the iFolder client. 


Installing Novell iFolder on Windows NT 4.0 or Windows 
2000 


1 Stop the Internet Information Server (IIS). 


+ For Windows NT 4, go to Control Panel > Services > IIS Admin 
Services > Stop. 


+ For Windows 2000, go to Control Panel > Administrative Tools > 
Services > IIS Admin Service > Stop. 
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2 


3 


Locate the iFolder software that vou downloaded and double-click the 
iFolder IIS server executable (IISiFolderServer.EXF). 


Read the Welcome screen and click Next. 


4 Click Yes to accept the licensing agreement. 


5 
6 


7 
8 


10 
11 


12 


13 


Enter your username and the name of your company, and then click Next. 


Browse to the location where you want iFolder to install the setup files 
and then click Next. 


Enter the IP address of your LDAP server in the LDAP host field. 
Enter the LDAP port you want to use. 


If you are using port 389, the LDAP Group object must be marked to 
Allow Clear Text Passwords. To verify this, launch ConsoleOne™ and 
locate the context where your server resides, right-click the LDAP Group 
object, click Properties, and check Allow Clear Text Passwords. 


HINT: Choose port 389 if you want to use LDAP without SSL encryption. Port 389 
is also a good choice if LDAP and iFolder are running on the same server or if your 
LDAP server does not support Secure Socket Layer (SSL). 


Choose port 636 if you want to use SSL, which provides your network with 
encryption and security when data is transferred across the wire. If you choose port 
636, you must create and install an SSL certificate for your iFolder server prior to 
the ¡Folder installation. For more information, see “Server Requirements” on page 
26. 


If you have chosen port 636, enter the path to the LDAP Root Certificate. 


This is the path to the place where you copied the SSL certificate prior to 
the installation. For more information, see “Server Requirements” on 
page 25. 


Enter the LDAP login DN context. 
Enter the context of the container where your User objects are located. 


iFolder lets you enter multiple contexts. After each name, insert a 
semicolon. Do not put any spaces between the names. 


(Optional) If you want iFolder to search all subcontainers below the 
LDAP login DN context, make sure you check the Subcontainer Search 
check box. 


(Conditional) If you are doing a subcontainer search, you must assign the 
CN property to the Public object or create an LDAP proxy user. 
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+ Ifyou are assigning the CN property to the Public object, continue 
with the next step. 


Any rights assigned to the Public object are automatically inherited 
by all other objects in the NDS tree. You might not want to assign the 
CN property to the Public object if these rights will cause a security 
risk. If your iFolder server is outside the firewall and you do not want 
the CN property assigned to all objects in your NDS tree, you can 
also use an LDAP Proxy Username to search the subcontainers of 
your tree. 


+ Ifyou are creating an LDAP proxy user, continue with step Step 15. 


14 (Conditional) To assign the CN property to the Public object, follow these 
instructions: 


14a Launch ConsoleOne. 
14b Right-click your NDS Tree object and then click Properties. 
14c Click NDS Rights > Public object > Assigned Rights > Add Property. 


14d Check the Show All Properties check box, select the CN property 
from the list, and then click OK. 


14e Check the Inheritable check box. 
14f Click Apply > OK. 
Continue with Step 16. 
15 (Conditional) To create an LDAP proxy user, follow these instructions: 
15a Launch ConsoleOne. 
15b Create a user without a password. 


15c Right-click your NDS tree object and click Properties > NDS Rights 
> Add Trustee. 


15d Browse to your NetWare server, select the LDAP Group object, and 
click Apply > OK. 


HINT: When you add this user as a trustee of the tree, just accept the default 
Compare and Read rights. 


15e Right-click the LDAP Group object and then click Properties > 
General. 


15f Click the Browse button next to the Proxy Username field and 
browse to the user that you just gave trustee rights to. 
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15g Double-click the user so that the name appears in the Proxy 
Username field. 


15h Click Apply > OK. 


16 Click Next in the iFolder setup. 


17 (Conditional) If you are using a secondary LDAP server, enter the LDAP 


information for that server. 


Fill in this information only if you have two LDAP directories that 
contain usernames that need iFolder accounts. For example, suppose you 
have one LDAP directory that contains all your employee usernames and 
another LDAP directory that contains all your vendor usernames and you 
want the users from both directories to have iFolder accounts. You would 
enter the information for a secondary LDAP server. 


18 Enter the path to the directory where you want the iFolder user data to be 


stored on the server. 


19 Enter the names of all the administrators who need rights to modify 


iFolder user account information via the Server Management Console 
and then click Next. 


If you are entering more than one name, separate the usernames with a 
semicolon, not spaces. For example, if you wanted John Smith and user 
Admin to have rights to administer the Server Management Console, you 
would enter admin; jsmith. 


20 If prompted, enter the IP address or the DNS name of your server. 


21 


Click Finish to complete the installation. 


22 Restart the IIS server. 


After Novell iFolder is installed, you have a few things left to configure 
through the Internet Services Manager in order for the iFolder Web site and 
the Java applet to work correctly. 


If your iFolder server is running Windows NT 4.0, follow the instructions in 
“Configuring the ¡Folder Web Site on Windows NT 4.0” on page 30. 


If your iFolder server is running Windows 2000, follow the instructions in 
“Configuring the ¡Folder Web Site on Windows 2000” on page 30. 
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Configuring the iFolder Web Site on Windows NT 4.0 


1 Launch the Internet Services Manager by clicking Start > Windows NT 
4.0 Option Pack > Microsoft Internet Information Server > Internet 
Service Manager. 


2 Right-click the Default Web Site icon and then click Properties > Home 
Directory. 


3 Set the local path. 


For example, if you installed iFolder on your C: drive, then you would 
enter 


C:\inetpub\wwwroot \iFolder\DocumentRoot 


HINT: Enter this path in exactly as you see it, except for the drive letter. What drive 
letter you enter depends on where you installed iFolder. 


4 From the Permissions drop-down box, select Script. 

5 Click Documents. 

6 Check the Enable Default Documents check box and then click Add. 
7 Enter index.html into the text field and click OK. 


Novell iFolder in now installed on your Windows NT 4.0 server. For more 
information about Novell iFolder, go to Chapter 6, “Using Novell iFolder,” on 
page 37. 


Configuring the iFolder Web Site on Windows 2000 


1 Launch the Internet Services Manager by clicking Start > Settings > 
Control Panel > Administrative Tools > Internet Services Manager. 


2 Right-click the Default Web Site icon and click Properties > Home 
Directory. 


3 Set the local path. 


For example, if you installed iFolder on your C: drive, then you would 
enter 


C:\inetpub\wwwroot \iFolder\DocumentRoot 


HINT: Enter this path in exactly as you see it, except for the drive letter. What drive 
letter you enter depends on where you installed iFolder. 


4 Check the Script Source Access check box. 


5 From the Execute Permissions drop-down box, select Scripts Only. 
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6 Click the Documents tab. 

7 Check the Enable Default Documents check box. 

8 Click the Add button. 

9 Enter index.html into the text field and click OK. 


Novell iFolder in now installed on your Windows 2000 server. For more 
information about Novell iFolder, go to Chapter 6, “Using Novell iFolder,” on 
page 37. 
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Installing Novell iFolder on Novell 
Cluster Services 


Before you set up Novell® iFolder™ on Novell Cluster Services™, you should 
already have a basic understanding of how Novell Cluster Services works. A 
short overview is provided in the Novell Cluster Services Overview and 
Installation Guide (http://www.novell.com/documentation/lg/ncs/ 
index.html). 


NOTE: Novell Clustering Services runs only on NetWare. 


To configure Novell iFolder on Novell Cluster Services, complete the 
following steps: 


1 Meet the iFolder NetWare server, client, and browser reguirements. 


+ For NetWare 5.1, follow the instructions beginning with “Server 
Reguirements” on page 13. 


+ For NetWare 6, follow the instructions beginning with “Server 
Reguirements” on page 19. 


2 Install iFolder on all NetWare servers in the cluster that you want to run 
iFolder. 


+ For NetWare 5.1, follow all steps of the procedure in “Installing 
Novell iFolder on NetWare 5.1” on page 14. 


+ ForNetWare6, follow all steps of the procedure in “Installing Novell 
iFolder on NetWare 6” on page 20. 


Once iFolder is installed on your clustered servers, continue with the next 
section, Post-Installation Tasks. 
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Post-Installation Tasks 


1 Dooneof the following: 


+ For NetWare 5.1 servers, create an NSS volume on your shared 
storage disk system, commonly referred to as a storage area network 
or SAN. 


This is the volume that will contain all your iFolder user data and 
accounts. The size of this volume will vary according to how many 
1Folder users you plan to have and the amount of data they will be 
storing. 


For more information, see NetWare Cluster Services (http:// 
www.novell.com/documentation/lg/ncs/index.html) > Installation 
and Setup > Settting Up NetWare Cluster Services > Create Cluster 
Volumes. 


+ For NetWare 6 servers, create an NSS volume on a pool. If a pool 
already exists, make sure there is enough space on the pool for the 
NSS volume that you plan to make. 


For more information on creating pools and NSS volumes, see 
Novell Cluster Services (http://www.novell.com/documentation/lg/ 
nes6p/index.html). 


2 Do one of the following: 


+ For NetWare 5.1 servers, cluster-enable the NSS volume that you just 
created. 


This involves assigning an IP address to the cluster-enabled volume. 
Remember this IP address; you’ ll need it later. 


For more information, see NetWare Cluster Services (http:// 
www.novell.com/documentation/lg/ncs/index.html) > Installation 
and Setup > Settting Up NetWare Cluster Services > Create Cluster- 
Enabled Volumes. 


+ For NetWare 6 servers, cluster-enable the pool you created in Step 1. 
(cluster-enabling the pool automatically custer-enables the NSS 
volume that you created on the pool). 


For more information, see Novell Cluster Services (http:// 
www.novell.com/documentation/lg/ncs6p/index.html) > Installation 
and Setup > Setting Up Cluster Services. 


3 Create a folder on the cluster-enabled volume. 
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4 Choose one iFolder server in the cluster and go to the 


11 
12 


13 


SYS:Apache\iFolder\Server directory and edit the HTTPD.CONF file to 
include the following parameters: 


€. Set the LDAP host to the IP address that you assigned to the cluster- 
enabled volume. 


+ Set the iFolderServerRoot to the folder that you created on the 
cluster-enabled volume. 


For example, if your cluster-enabled volume was called 
SHAREDVOL and you had created a folder on that volume called 
NIFDIR, you would set the iFolderServerRoot to 
SHAREDVOL:\NIFDIR. 


Copy the edited HTTPD.COMF file to every iFolder server in the cluster. 


Edit the AUTOEXEC.NCF file on every iFolder server in the cluster and 
comment out the line that commands iFolder to start by default when you 
reboot your server. (iFolder will be started by NetWare Cluster Services.) 


Launch ConsoleOne™. 
Browse to your cluster container object. 


Right-click the cluster volume resource and then click Properties > IP 
Address. 


Verify that the IP address that appears is the one that you have assigned 
to the cluster-enabled volume. 


Click Load Script. 

Add the following commands to the end of the existing load script: 
search add sys: \apache 

search add sys: \apache\ifolder\server 

load address space = apache apache 


Click Apply > Unload Script. 
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14 Add the following commands to the beginning of the existing unload 
script: 


unload apachestopifolder 
delav 2 

unload ldapssl 

unload ldapsdk 

unload fpsm 


15 Click Apply. 


Novell iFolder is now installed. For more information on using Novell iFolder, 
see Chapter 6, “Using Novell iFolder,” on page 37. 
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Using Novell iFolder 


This chapter covers the following three topics: 
€ “Managing Novell ¡Folder Accounts” on page 37 
+ “Using the Server Management Console” on page 38 


+ “Optimizing Your ¡Folder Server” on page 39 


Managing Novell ¡Folder Accounts 


Once Novell® iFolder™ is installed and running, you have access to the 
following two Web sites: 


+ The default ¡Folder Web site 


This site contains the iFolder Client Quick Start Guide and other 
important information about Novell iFolder. It is also where users will 
download the iFolder client and access their iFolder files via a browser. 
You can modify this page to fit your company’s internal needs. 


To access the default iFolder Web site, enter the IP address or the DNS 
name of your server into a browser. 


+ The Server Management Console 


The Server Management Console lets you manage your users’ iFolder 
accounts. From this site, you perform administrative tasks and manage 
the activity between the server and the iFolder clients. Access the Server 
Management Console by opening a browser and entering https: // 
ifolderserverip/iFolderServer/Admin. 


IMPORTANT: The Server Management Console URL is case sensitive. 


For more information, see the next section, Using the Server Management 
Console. 
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Using the Server Management Console 


In order to access the iFolder user account information, vou must log in to the 
Server Management Console with vour administrative username and 
password. Once vou are logged in, vou can view and modifv iFolder accounts 
as well as set specific policies for vour iFolder clients and server. 


You can perform the following tasks in the Server Management Console: 
+ View general server information 


View LDAP settings 


+ 


+ View user account information 


As an administrator, you can remove a user account, change a user's disk 
storage guota on the iFolder server, and set specific policies for individual 
users. 


+ 


View iFolder client connections 
+ Configure user policies 


You can determine what policies will be applied to the iFolder clients. For 
example, you can enforce policies so that your iFolder users do not have 
the option to change them. 


You can also hide certain iFolder client options. For example, if you 
enforce and hide the option to request encryption of the iFolder data, the 
data will be encrypted and the user will be unaware of the transaction. 
Things that are hidden do not appear the iFolder client dialog boxes. 


+ Configure server policies 


You can regulate server behavior, such as how much disk space will be 
allotted to each iFolder client or how much time will pass before a session 
times out. 


For instructions about specific administrative tasks in the Server Management 
Console, see the following: 


+ “Removing an iFolder Account” on page 39 
+ “Restoring a User’s Folder” on page 39 


+ “Changing LDAP Settings” on page 39 
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Removing an iFolder Account 
1 Click User Accounts. 


2 Select the user ID that you want to remove and then click Remove. 


Restoring a User's Folder 


If a user wants to recover data from a deleted or corrupted file, you can restore 
his folder to a secondary iFolder server and from there he can access his files. 


1 Atthe Server Management Console, click User Accounts. 


2 Roll your mouse over the user's ID and look at the ID that appears in the 
bottom of your browser. 


3 Restore this folder from a backup tape to a secondary iFolder server that 
the user can attach to and restore the files. 


Changing LDAP Settings 


1 For NetWare 5.1, modify the HTTPD NW ADDITIONS.CONF file 
located in SYS: Apache Folder Server directory. 


For Windows NT 4/2000, from the registry go to HKLM > System > 
CurrentControlSet > Services > W3SVC > iFolderServer. 


Optimizing Your iFolder Server 
You can optimize the performance of your iFolder server in the following 
ways: 
+ Add more RAM to your server. 


+ Increase the threads. (This only applies to Apache Web Servers running 
on NetWare.) 


For optimal performance, we recommend one thread per client; however, 
in terms of scalabilitv, iFolder has been tested up to 25 clients per thread. 


+ Change the amount of disk space alloted to your ¡Folder users. 


Be careful; allotting large amounts of disk space to users could decrease 
the iFolder server's performance. 
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+ Change the default sync delay parameters if you have thousands of users 
and you need to improve the iFolder server performance. 


Current defaults: 
+ 5-second delay after file activity 
+ 20-second delay after server polling interval 

To improve performance, make the following changes: 
+ 30-second delay after file activity 


+ l-minute delay after server polling interval 
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